News sites are now filling up with reports of the 'SWAPGS' vulnerability, CVE-2019-1125, disclosed on Tuesday.
Apparently, it affects all intels since Ivy Bridge, and (possibly) AMD - people who found it (Bitdefender.com) were unable to exploit it on AMD Fam15 or Fam16 and AMD suggest it will be very hard to exploit. Specifically, AMD suggest they are only vulnerable to Scenario 2, Variant 2 of the possible series of attacks, and that existing mitigations for Spectre v1 will prevent this. https://www.amd.com/en/corporate/product-security/ But I don't have a link to the various scenarios, and the CVE is still labelled as 'reserved'. If google is linking two and two together to make four (which would be a change!), kernels 5.2.7, 4.19.65, etc might have the mitigations. Apparently, windows rolled out fixes last month. As usual, it looks hard to exploit. ĸen -- Adopted by dwarfs, brought up by dwarfs. To dwarfs I'm a dwarf, sir. I can do the rite of k'zakra, I know the secrets of h'ragna, I can ha'lk my g'rakha correctly ... I am a dwarf Captain Carrot Ironfoundersson (in The Fifth Elephant) -- http://lists.linuxfromscratch.org/listinfo/lfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
